Trying to understand the specific sequence of events causing a 403 Forbidden response during SIP registration on our Genesys Cloud BYOC Edge deployment. The integration is a Premium AppFoundry application designed for multi-tenant OAuth authentication, operating within the America/Los_Angeles timezone. The edge configuration uses the standard BYOC topology with a public IP and correct DNS records pointing to the Genesys Cloud SIP proxy. The OAuth client associated with the integration has been granted the necessary permissions, including edge:manage and sdp:manage, and the token generation process via POST /api/v2/auth/token returns a valid access token without error. However, when the edge attempts to register using this token, the Genesys Cloud logs indicate a 403 Forbidden status on the REGISTER request. The error message specifically mentions a mismatch in the expected tenant context or an invalid signature verification. We have verified that the JWT payload contains the correct sub and aud claims, and the edge certificate is valid and trusted by the Genesys Cloud platform. The issue persists across multiple edge instances, suggesting a systemic configuration problem rather than an isolated hardware fault. The application handles high-volume SIP traffic, so reliability is critical. We have reviewed the Platform API documentation for BYOC Edge management and confirmed that the edge is properly linked to the organization. The problem appears to be related to the OAuth scope propagation or the way the edge interprets the multi-tenant context during the registration handshake. Any insights into why a valid token would still result in a 403 during SIP registration would be appreciated. Is there a specific header or claim required in the SIP REGISTER request that is not documented in the standard BYOC guide? The current workaround of manually resetting the edge registration is not sustainable for our client base.